IETF Logo Mail Archive

Re: QUIC on streams compared to Minion (was Re: Proposal Towards Universal HTTP/3, with a polyfill of QUIC for TCP (Fwd: New Version Notification for draft-kazuho-httpbis-http3-on-streams-00.txt))

Lucas Pardue <lucaspardue.24.7@gmail.com> Sun, 18 February 2024 10:40 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77982C14F5E8 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 18 Feb 2024 02:40:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.855
X-Spam-Level:
X-Spam-Status: No, score=-7.855 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="Y8L/L7F5"; dkim=pass (2048-bit key) header.d=w3.org header.b="n1IuSdIa"; dkim=pass (2048-bit key) header.d=gmail.com header.b="O+yH6rib"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dcMyhdMRywM8 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 18 Feb 2024 02:40:57 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B8ECC14F5FB for <httpbisa-archive-bis2Juki@ietf.org>; Sun, 18 Feb 2024 02:40:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:Cc:To:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=M1cZJ5ZoBbfc57x409YbGGAEtAdAehFNOYVtVNOc2Ec=; b=Y8L/L7F5whzwunI/JAqS5QGeXu Gzp2JXW63SD3wDmCraRO3y944f+6M0VC1eq5dbPHcqgECoGpurUMGx8ix+2UPBtQ2n+w6KArlZGmG 0TP+XJYpF3DsHOSYqww7EQKxFRPqORIdouktZd4Q3SFcIgp0PKFHfAwcQq/8j+O2L4qTTn6wlr3jp 0XR+tiFmWOHV/uKLIbsCEywheTta/ZzaUj0dpk5Q6m6WUvaUGmQH9IfRI+zl27ohY74MgHgBc9/Xq pVHMAxG4q97KN2AnyGhZHX0PKsZbssKIMceP8Qiyob7kEz80Qs65n5a17Q8n5I9eEo27kIKKCeALj hGwN7Cbw==;
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1rbeaw-00EOLW-PX for ietf-http-wg-dist@listhub.w3.org; Sun, 18 Feb 2024 10:40:26 +0000
Resent-Date: Sun, 18 Feb 2024 10:40:26 +0000
Resent-Message-Id: <E1rbeaw-00EOLW-PX@lyra.w3.org>
Received: from pan.w3.org ([3.222.182.102]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <lucaspardue.24.7@gmail.com>) id 1rbear-00EOJX-Mk for ietf-http-wg@listhub.w3.org; Sun, 18 Feb 2024 10:40:21 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Content-Type:Cc:To:Subject:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=M1cZJ5ZoBbfc57x409YbGGAEtAdAehFNOYVtVNOc2Ec=; t=1708252821; x=1709116821; b=n1IuSdIa2Ht+mOAWc3Tdwr+SvlcYjfqsFoJIYbxTKKbTemyhk1UlN9zOYA3TAFjfqbfMOo1HOIV TrVvUkdfAZqgeNFZ3zc+duE4lo2pPBpNuBknt8DgccQvvgqET0T9kZSNJAwR9Q7MDSuMOfqMRG1XC PZCM5XdPVHSdQLc0ufFygy34rEKdgRoOoEyuJdxIJ1yLEucP8r7SmtnjvzU2wbRUyLpDY7MRa3I7V dPIxfGbTSDJToiSB+q+MyraMDNlUV+RP7idjcMH/nbm9Bm9L1Sa2+qm0HO2Jnz1rhxdyttsUApD7V z4Ccij8VfH6r4/q9lhGwGFP+RXQh7X6VHmnQ==;
Received-SPF: pass (pan.w3.org: domain of gmail.com designates 2607:f8b0:4864:20::329 as permitted sender) client-ip=2607:f8b0:4864:20::329; envelope-from=lucaspardue.24.7@gmail.com; helo=mail-ot1-x329.google.com;
Received: from mail-ot1-x329.google.com ([2607:f8b0:4864:20::329]) by pan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from <lucaspardue.24.7@gmail.com>) id 1rbeaq-001GEi-2v for ietf-http-wg@w3.org; Sun, 18 Feb 2024 10:40:21 +0000
Received: by mail-ot1-x329.google.com with SMTP id 46e09a7af769-6dc8b280155so2005717a34.0 for <ietf-http-wg@w3.org>; Sun, 18 Feb 2024 02:40:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708252817; x=1708857617; darn=w3.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=M1cZJ5ZoBbfc57x409YbGGAEtAdAehFNOYVtVNOc2Ec=; b=O+yH6ribXnaWsr73LZgtCZjvNTMaOwAPdlOo7coVhttuyG+EexZPeh/7lqTgtEQzAS XPPuxRK3sJgH6vw2gAKAHnSXGT1GCmpdRh06uMAt2kHEQxqYFA35vlvNFhPSyPcWQRfs Lgh9FktQfShNpT0Q30haQbd0/2eW8B8qRXdIuoLT31EOWXVQrLFazhHz3/giOCMe1bx/ F9M2nSD2zpHpyPKw2uaz+ybf3MVOdwLAcW1vdWjmjWlLkiqwoNXoXEXBoDxBTxWfygjX Ojljy9mJhkhYe/GsGW//Ai33OzSSJN0Wbmh9Vl0q5DMvQfPu/w3++N5F7Zyk1Pj5hBdX QuFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708252817; x=1708857617; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=M1cZJ5ZoBbfc57x409YbGGAEtAdAehFNOYVtVNOc2Ec=; b=cJkU3gbCN8vM74Frxl3ENJ43ehlBzH+AEBgTsUGXeDWswXuHKIi/aFPWR7E10xz6uy YkG6/m5Iii/cuHPd3CwNPhhLdRcfeiKD0tfHoOUIEcuBwmZyKOHtpm3ZkbePAemp+WyN cfDyfZEfo1rtrzBJL1Qf0DaeG/1+yCUdXIkq1HdxsWZxB1/OHHStOncfGEVB+vogKvtZ MbfLWiVIocmy7v81nneOG4MQ6ZYNf3PZxs/L7NrjnpNbtvkxcpaVBzR7gKXuVdT186aH q+AwWJhkTWDtuRICm04zauueX+qeat90ypkNMFTw3kxwFYS//cuaGWYJGIJUfNYVjBF2 XHhA==
X-Forwarded-Encrypted: i=1; AJvYcCXYxzgsRssjycbyYy/2D0AwIniMvOeGkj2K6C9ggfSKoic8YWy2yDfJASzpWfV2HaOXF0h65EHwpmTIT9kbIhPZxYmS
X-Gm-Message-State: AOJu0Yx7wGuHTfxev7ZpzW+dvzpZku1qtD5o2IvrFxkvDM6ynRK62dvL FCW0IxGJvpYgAGvuCwBbsKrHsV3QH7qy+e1oS35u4/TjbVDqH3jccT7wAq49DFK6TFyAXfA7jOF 7qivlC05hOe++PH7dnVNSuYlNPTU=
X-Google-Smtp-Source: AGHT+IFoaDtf8ENmTSAeQisrTpgWAwLZFcqxmdxT+H0pboOK0BQw8suQf2oQ4AOEXfZFvLNw18qYDcdAm6m08SJCB2I=
X-Received: by 2002:a05:6870:7248:b0:21e:c176:9642 with SMTP id y8-20020a056870724800b0021ec1769642mr399339oaf.29.1708252817152; Sun, 18 Feb 2024 02:40:17 -0800 (PST)
MIME-Version: 1.0
References: <170807134367.25372.9131938145722079298@ietfa.amsl.com> <CANatvzyLJnZH9UHaSoMWbv20VhEtAzY7HqRHCSWt-O65f24uwQ@mail.gmail.com> <078A16AD-9824-41B8-935D-0E4760FF1E22@ifi.uio.no> <939e22d5-1707-4964-9f59-0dea39feebdc@app.fastmail.com> <EE697E49-3C24-4EA4-8BAD-0020EF8EAFAE@ifi.uio.no>
In-Reply-To: <EE697E49-3C24-4EA4-8BAD-0020EF8EAFAE@ifi.uio.no>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Sun, 18 Feb 2024 10:40:03 +0000
Message-ID: <CALGR9oa-bD3vxgohPzVze_wd_oDe0aeCmKDyYdPGVKYZkHO2Nw@mail.gmail.com>
To: Michael Welzl <michawe@ifi.uio.no>
Cc: Kazuho Oku <kazuhooku@gmail.com>, IETF QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="0000000000005a606f0611a59a58"
X-W3C-Hub-DKIM-Status: validation passed: (address=lucaspardue.24.7@gmail.com domain=gmail.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-9.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: pan.w3.org 1rbeaq-001GEi-2v 67171c45b2f9abaa35c09394ec0ec3dd
X-Original-To: ietf-http-wg@w3.org
Subject: Re: QUIC on streams compared to Minion (was Re: Proposal Towards Universal HTTP/3, with a polyfill of QUIC for TCP (Fwd: New Version Notification for draft-kazuho-httpbis-http3-on-streams-00.txt))
Archived-At: <https://www.w3.org/mid/CALGR9oa-bD3vxgohPzVze_wd_oDe0aeCmKDyYdPGVKYZkHO2Nw@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/51798
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi,

On Sun, 18 Feb 2024, 10:23 Michael Welzl, <michawe@ifi.uio.no> wrote:

> Hi,
>
> Below:
>
> On Feb 17, 2024, at 5:40 PM, Lucas Pardue <lucaspardue.24.7@gmail.com>
> wrote:
>
> Hi Michael,
>
> On Sat, Feb 17, 2024, at 11:30, Michael Welzl wrote:
>
> Hi,
>
> QUIC over TCP… I hope that the people doing this are aware of the old work
> on Minion?   If not, see:
> https://datatracker.ietf.org/doc/html/draft-iyengar-minion-protocol-02
> https://datatracker.ietf.org/doc/html/draft-iyengar-minion-concept-02
>
> https://www.usenix.org/conference/nsdi12/technical-sessions/presentation/nowlan
>
> IIRC, the original Minion idea was to introduce a marker in the
> bytestream, but the later development (perhaps captured in the drafts
> above?) worked off the principle that protocols above TCP already have
> these kinds of markers anyway - i.e., it doesn’t even need a change to the
> wire protocol, it’s just a “vertical” change about how to talk to the TCP
> buffer below.
>
> Considering this, it seems almost silly to me to ignore this and map QUIC
> over TCP when streams can so nicely be implemented via TCP too, just by
> “breaking” the TCP API “contract".
>
> My apologies if this is already a part of the plan - I just wanted to
> point out this work because at this point, it’s old and might have been
> forgotten - yet it seems to fit the idea of mapping QUIC over TCP like a
> glove.
>
>
> I'm aware of minion but haven't looked at it in a long while, thanks for
> the reminder. I read over it very briefly and I intend to spend more time
> digesting.
>
> However, my intial understanding is that minion has a hard requirement on
> DTLS, is that correct?
>
>
> I don’t know, it’s long since I last read the drafts.  But, in principle,
> the whole idea is based on being able to identify boundaries within the
> byte stream - and these boundaries must somehow be communicated
> (vertically) down to the TCP engine.  So, my suspicion is that they may
> have tied this to DTLS just for the convenience because DTLS does give you
> these boundaries.
>
> So, in principle, it’s not about DTLS, it’s about handing over boundaries.
> FWIW, in TAPS, this was solved with a “framer” concept, where a sort of
> callback for defining and parsing boundaries is handed over to the system.
> How to best do this in a more general and static system with TLS in
> between, I really don’t know.
>
>
> Part of the motivation of QUIC on streams, as pointed at in the draft, is
> to address a concrete problem in HTTP/2 stream limits. There are proposals
> for how to fix HTTP/2 itself but some of that effort could be invested in
> swapping over to HTTP/3 using QUIC on streams. Whether that would be
> successful depends on the change complexity matrix.
>
> It's the authors view that many clients and servers already support HTTP/2
> over TLS and HTTP/3 (native QUIC) simultaneously, meaning the complexity of
> adding HTTP/3 over QUIC over TLS is minimized. Mostly because QUIC
> implementations would need minor tweaks only. As an implementer (not author
> hat), the requirement to use DTLS would already start to be a put off for
> me in the above scenario.
>
> Can a minion-style (RE)COBS approach could be used with TLS? If so, what
> benefits would that bring over the current proposal?
>
>
> For the first question, see above: probably not easily, but technically,
> *somehow*, yes. For the second question: it would remove HOL blocking.
>
>
> HTTP/2 is already subject to TCP Head of Line Blocking. Maybe it could be
> nice to design a replacement that can fix that using TLS too.
>
>
> True!
>
>
> However, if I understand the minion protocol design (a big if, I'm happy
> to be corrected), it only supports 4 reorderings. Furthermore, since the
> "bookends" are in the plaintext stream, it seems trivial for an on-path
> attacker to interfere with them, opening up a new suite of security issues.
>
>
> Hm… I forgot these details.
>
> Well I don’t know if it *really* fits - it was just something that seemed
> suitable to me, as it might be able to remove HOL blocking when using
> streams, but … as always, the devil is in the details.
>

Yes, these are some interesting ideas, especially in the early phase of
discussion. Thanks for bring our attention (back) to minion!

Cheers
Lucas

v2.23.0 | Report a Bug | By Email